Sample redacted report

This is the report we send you — without the redactions.

Below is a full facsimile of a real Dhara recon report, with target names and specific asset fingerprints redacted. Your report will look exactly like this: one entry per finding, each mapped to the framework you request.

Eleven11 / Dhara · External exposure report
report-id — ████-████-████

Target

████-health.example

Healthcare information exchange · ABDM HIE-CM integrator · India

Executive summary

Scan profile: recon (passive)
Active probes sent: 0
Subdomains observed: 47
Live hosts: 12
Tech fingerprints: 19
Findings: 11
Frameworks mapped: HIPAA · ABDM
Delivered: < 24h

Severity distribution

Critical 1 · High 3 · Medium 4 · Low 2 · Info 1

Findings (redacted)

critical · Wayback Machine / web.archive.org/2024/*

Historical URL leaks internal ABDM consent-artefact IDs

Archived copies of the /patient/consent-history page held by a third-party archive include unredacted consent-artefact identifiers. The identifiers are long-lived, and under specific gateway misconfigurations can be replayed against the ABDM gateway.

high · *.████-health.example

Wildcard TLS certificate covers retired staging hostnames

Certificate Transparency logs show a wildcard leaf issued 2025-09-12 that still covers retired pre-production hostnames. Some of those hostnames resolve to parked IPs; others now resolve through CNAMEs to third-party targets an attacker could register, the dangling-DNS precondition for subdomain takeover.

high · api.████-health.example/fhir/metadata

FHIR CapabilityStatement exposes unsupported resources

An unauthenticated GET on the metadata endpoint returns the server CapabilityStatement, which advertises resource types the application does not intend to expose (e.g. AuditEvent, Consent) and OAuth endpoints pointing to a pre-production issuer.
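As an added illustration of this finding (example code, not part of the Dhara report or toolchain): the check below parses a constructed CapabilityStatement, compares the resource types it advertises against an assumed allowlist of intended resources, and flags SMART OAuth endpoints whose host is not the assumed production issuer. The JSON body, the allowlist and the hostnames are all constructed for the example.

```python
import json
from urllib.parse import urlparse

# Extension URL under which SMART-on-FHIR servers publish their OAuth endpoints
# inside CapabilityStatement.rest[].security.
SMART_OAUTH_URIS = "http://fhir-registry.smarthealthit.org/StructureDefinition/oauth-uris"

# Constructed sample response (not the target's real /fhir/metadata output),
# trimmed to the fields the review reads.
SAMPLE_CAPABILITY_STATEMENT = json.dumps({
    "resourceType": "CapabilityStatement",
    "fhirVersion": "4.0.1",
    "rest": [{
        "mode": "server",
        "security": {"extension": [{
            "url": SMART_OAUTH_URIS,
            "extension": [
                {"url": "authorize", "valueUri": "https://auth-preprod.hie.example/oauth2/authorize"},
                {"url": "token", "valueUri": "https://auth-preprod.hie.example/oauth2/token"},
            ],
        }]},
        "resource": [
            {"type": "Patient"}, {"type": "Observation"},
            {"type": "Consent"}, {"type": "AuditEvent"},
        ],
    }],
})

# Assumed policy inputs: what the application is meant to expose, and which
# hosts are the production identity provider. Both are hypothetical.
INTENDED_RESOURCES = {"Patient", "Observation", "Encounter"}
PRODUCTION_ISSUER_HOSTS = {"auth.hie.example"}


def review_capability_statement(doc_json, intended=INTENDED_RESOURCES,
                                prod_hosts=PRODUCTION_ISSUER_HOSTS):
    """Compare an advertised CapabilityStatement against intent.

    Returns the advertised resource types, those missing from the allowlist,
    the SMART OAuth endpoints, and any endpoint whose host is not production.
    """
    doc = json.loads(doc_json)
    if doc.get("resourceType") != "CapabilityStatement":
        raise ValueError("not a CapabilityStatement")

    advertised, oauth = set(), {}
    for rest in doc.get("rest", []):
        if rest.get("mode") != "server":
            continue
        advertised.update(r["type"] for r in rest.get("resource", []) if "type" in r)
        for ext in rest.get("security", {}).get("extension", []):
            if ext.get("url") != SMART_OAUTH_URIS:
                continue
            for sub in ext.get("extension", []):
                if "valueUri" in sub:
                    oauth[sub["url"]] = sub["valueUri"]

    non_prod = sorted(
        name for name, uri in oauth.items()
        if urlparse(uri).hostname not in prod_hosts
    )
    return {
        "advertised": sorted(advertised),
        "unexpected": sorted(advertised - intended),
        "oauth_endpoints": oauth,
        "non_production_oauth": non_prod,
    }


if __name__ == "__main__":
    for key, value in review_capability_statement(SAMPLE_CAPABILITY_STATEMENT).items():
        print(f"{key}: {value}")
```

The review deliberately reads only the `server` mode entries and the SMART extension, so a statement that omits the extension simply yields no OAuth endpoints rather than an error; the interesting output is the `unexpected` list, which is exactly what the finding above describes.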

high · grafana-staging.████-health.example

Exposed Grafana instance on non-production subdomain

HTTP 200 on /login with default Grafana branding. The version banner (8.2.x) falls within the range affected by CVE-2021-43798 unless the build is the patched 8.2.7 backport; in affected builds an unauthenticated path traversal permits arbitrary file reads from the container. Not validated by Dhara (passive profile).
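The "8.2.x" banner is the caveat worth checking before calling this exploitable: CVE-2021-43798 was fixed in 8.0.7, 8.1.8, 8.2.7 and 8.3.1, so a redacted or truncated patch level cannot be classified. The classifier below (an added example, not Dhara's code) turns a version string into affected / fixed / not-affected / indeterminate, treating pre-release builds as older than their final release; the banner strings are constructed.

```python
import re

# CVE-2021-43798: unauthenticated path traversal via the plugin asset route.
# Affected: Grafana 8.0.0-beta1 through 8.3.0. Patched release on each branch:
FIXED_PATCH = {(8, 0): 7, (8, 1): 8, (8, 2): 7, (8, 3): 1}

# Matches "8.2.5", "8.0.0-beta1" and the redacted form "8.2.x"; the lookbehind
# stops a match from starting in the middle of a longer dotted number.
VERSION_RE = re.compile(r"(?<![\d.])(\d+)\.(\d+)\.(\d+|x)(?:-([0-9A-Za-z.]+))?")


def cve_2021_43798_status(banner):
    """Classify a Grafana version string against CVE-2021-43798.

    Returns 'affected', 'fixed', 'not-affected' (version is on a branch that
    was never in range), or 'indeterminate' when the patch level is unknown
    or the string does not contain a version at all.
    """
    m = VERSION_RE.search(banner)
    if not m:
        return "indeterminate"
    major, minor = int(m.group(1)), int(m.group(2))
    patch, prerelease = m.group(3), m.group(4)
    fixed_patch = FIXED_PATCH.get((major, minor))
    if fixed_patch is None:
        return "not-affected"      # 7.x, 8.4+ and later majors were never in range
    if patch == "x":
        return "indeterminate"     # 8.2.x may be 8.2.6 (affected) or 8.2.7 (fixed)
    # A pre-release sorts before the final build with the same number.
    key = (int(patch), 0 if prerelease else 1)
    return "affected" if key < (fixed_patch, 1) else "fixed"


# Constructed banners (not taken from the target) covering the edge cases.
SAMPLE_BANNERS = [
    "Grafana v8.2.5 (commit: abc1234)", "Grafana v8.2.7", "8.2.x",
    "Grafana v8.0.0-beta1", "Grafana v8.3.0", "Grafana v8.3.1",
    "Grafana v7.5.11", "Grafana v9.1.0",
]

if __name__ == "__main__":
    for b in SAMPLE_BANNERS:
        print(f"{b:34} -> {cve_2021_43798_status(b)}")
```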

medium · ████-health.example

Missing DMARC policy on primary mail domain

No _dmarc TXT record is published, so receivers have no instruction to quarantine or reject mail that spoofs the domain in the From: header; the downstream impact is phishing-based PHI exfiltration. An SPF record is present but does not align with the From: header domain.
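To make the "present but not aligned" distinction concrete, here is an added example (not Dhara's code) that evaluates a zone's TXT records the way a DMARC-aware receiver would: it looks up `_dmarc.<domain>`, parses the policy tags, checks whether SPF is published, and tests SPF alignment between the envelope MAIL FROM domain and the From: header domain under strict or relaxed mode. The TXT data and domain names are constructed; the organizational-domain helper is a two-label approximation rather than a Public Suffix List lookup.

```python
# Constructed DNS TXT data standing in for the redacted zone (not the
# target's real records). hie.example publishes SPF but no _dmarc record;
# other.example shows an enforcing configuration for contrast.
TXT_RECORDS = {
    "hie.example": ["v=spf1 include:_spf.mailprovider.example -all"],
    "other.example": ["v=spf1 mx -all"],
    "_dmarc.other.example": ["v=DMARC1; p=reject; aspf=s; rua=mailto:dmarc@other.example"],
}


def parse_dmarc(record):
    """Turn 'v=DMARC1; p=reject; ...' into a tag dict; None if not a usable DMARC record."""
    if not record.strip().lower().startswith("v=dmarc1"):
        return None                      # v=DMARC1 must be the first tag
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags if "p" in tags else None  # p= is mandatory


def org_domain(name):
    """Organizational domain, approximated as the last two labels.
    Assumption for this example: production code consults the Public Suffix List."""
    labels = name.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def spf_aligned(mail_from_domain, header_from_domain, mode="r"):
    """DMARC SPF alignment: strict ('s') requires an exact match, relaxed ('r')
    only requires the same organizational domain."""
    if mode == "s":
        return mail_from_domain.lower() == header_from_domain.lower()
    return org_domain(mail_from_domain) == org_domain(header_from_domain)


def assess_mail_domain(domain, txt, mail_from_domain):
    """Summarise what a receiver can enforce for mail claiming From: <domain>,
    given the zone's TXT records and the envelope (MAIL FROM) domain in use."""
    dmarc = None
    for rec in txt.get(f"_dmarc.{domain}", []):
        dmarc = parse_dmarc(rec)
        if dmarc:
            break
    spf_present = any(r.lower().startswith("v=spf1") for r in txt.get(domain, []))
    policy = dmarc["p"].lower() if dmarc else "missing"
    # Without a DMARC record alignment is never evaluated; we still report it
    # under the relaxed default so the operator knows whether publishing a
    # policy would pass on SPF alone.
    aspf = dmarc.get("aspf", "r") if dmarc else "r"
    return {
        "dmarc_policy": policy,
        "spf_present": spf_present,
        "spf_aligned": spf_aligned(mail_from_domain, domain, aspf),
        # Only quarantine/reject instruct receivers to act; p=none and a missing
        # record both leave a spoofed From: header deliverable.
        "enforcing": policy in ("quarantine", "reject"),
    }


if __name__ == "__main__":
    print(assess_mail_domain("hie.example", TXT_RECORDS, "bounce.mailprovider.example"))
    print(assess_mail_domain("other.example", TXT_RECORDS, "bounce.other.example"))
```

The first call reproduces the finding: SPF exists, but the third-party bounce domain does not align with the From: domain and there is no policy to enforce. The second shows that even with `p=reject`, `aspf=s` makes a subdomain bounce address fail SPF alignment, so that domain would depend on DKIM alignment to pass.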

medium · assets.████-health.example

S3-style bucket observed in tech fingerprint with directory listing

The CNAME chain resolves to an object-storage provider. The bucket root returns an XML ListBucketResult with 1,400+ keys, i.e. anonymous listing is enabled. No evidence of PHI in the filenames at report time, but the access pattern is consistent with inadvertent public exposure.

medium · blog.████-health.example

Outdated WordPress reachable on marketing subdomain

The generator meta tag reveals WordPress 5.9.x. Two fingerprinted plugins (redacted) have known authenticated RCEs in their current major versions.

medium · mail-legacy.████-health.example

Open SMTP relay observed on legacy mail gateway

A passive banner fingerprint indicates an end-of-life Postfix build. Historical scanning datasets flag the same host as relay-permissive. Not re-validated by Dhara (passive profile).

low · cdn.████-health.example/static/app.██.js

Internal JIRA URLs referenced in archived JavaScript bundles

Two code comments in an archived JS bundle reference internal ticket identifiers and a private JIRA hostname. Useful for social-engineering pretexts; no direct auth material exposed.

low · ████-health.example/.well-known/security.txt

Missing security.txt

No disclosure-policy document (RFC 9116) is published, so responsible-disclosure researchers have no documented channel to reach the team. Not a vulnerability, but a widely expected hygiene signal for healthcare operators.

info · gateway.████-health.example

Tech fingerprint: ABDM HIE-CM v1.4 gateway

The banner and CapabilityStatement imply HIE-CM protocol version 1.4. Flagged informationally so the rest of the report can be read against the right version of the specification.

Generated by Dhara · eleven11.pro/dhara · Passive observation only. No authenticated scanning performed.

Get one for your domain. Free.

Your report lands in your inbox within 24 hours of request. Passive only.